Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Backport of Net 3181 consul gh issue 15709 allow log file naming like nomad - fix bug into release/1.14.x #18640

Merged
Show file tree
Hide file tree
Changes from 250 commits
Commits
Show all changes
1304 commits
Select commit Hold shift + click to select a range
e552e3d
api-gateway: add operation cannot be fulfilled error to common errors…
sarahalsmiller Jun 26, 2023
08c5048
api-gateway: add step to upgrade instructions for creating intentions…
nathancoleman Jun 26, 2023
a96a9e7
Changelog - add 1.13.9, 1.14.8, and 1.15.4 (#17889)
jmurret Jun 27, 2023
6bc2222
docs: update config enable_debug (#17866)
nvanthao Jun 27, 2023
601490b
Update wording on WAN fed and intermediate_pki_path (#17850)
Jun 27, 2023
767ef2d
Allow service identity tokens the ability to read jwt-providers (#17893)
roncodingenthusiast Jun 27, 2023
c8cfa60
Update docs (#17476)
mr-miles Jun 27, 2023
55056be
Add emit_tags_as_labels to envoy bootstrap config when using Consul T…
Jun 27, 2023
abeeea1
Fix command from kg to kubectl get (#17903)
lkysow Jun 27, 2023
1c819e6
Create and update release notes for 1.16 and 1.2 (#17895)
im2nguyen Jun 27, 2023
b76c4d7
Propose new changes to APIgw upgrade instructions (#17693)
im2nguyen Jun 27, 2023
3368f14
Add workflow to verify linux release packages (#17904)
jmurret Jun 27, 2023
f787088
Reference hashicorp/consul instead of consul for Docker image (#17914)
nathancoleman Jun 27, 2023
310bc68
Update Consul K8s Upgrade Doc Updates (#17921)
natemollica-nm Jun 27, 2023
6f5da97
Update sameness-group.mdx (#17915)
Jun 28, 2023
b168132
Update create-sameness-groups.mdx (#17927)
Jun 28, 2023
7dbba6c
deps: coredns v1.10.1 (#17912)
loshz Jun 28, 2023
67a239a
Ensure RSA keys are at least 2048 bits in length (#17911)
jm96441n Jun 28, 2023
f019457
tlsutil: Fix check TLS configuration (#17481)
beautifulentropy Jun 28, 2023
6f660e5
docs: Deprecations for connect-native SDK and specific connect native…
Jun 28, 2023
bdf4fad
Revert "Add workflow to verify linux release packages (#17904)" (#17942)
jmurret Jun 28, 2023
1b1f33f
Fixes Secondary ConnectCA update (#17846)
Ranjandas Jun 29, 2023
a60b363
fixing typo in link to jwt-validations-with-intentions doc (#17955)
jm96441n Jun 29, 2023
85b78fe
Fix streaming backend link (#17958)
Jun 29, 2023
1512ea3
Dynamically create jwks clusters for jwt-providers (#17944)
roncodingenthusiast Jun 29, 2023
f7305b2
website: remove deprecated agent rpc docs (#17962)
loshz Jun 29, 2023
2736e64
Fix missing BalanceOutboundConnections in v2 catalog. (#17964)
hashi-derek Jun 29, 2023
2af6bc4
feature - [NET - 4005] - [Supportability] Reloadable Configuration -…
absolutelightning Jun 30, 2023
5b7f360
Fix formatting codeblocks on APIgw docs (#17970)
im2nguyen Jun 30, 2023
50a9d1b
Remove POC code (#17974)
Jun 30, 2023
9ce89c4
update doc (#17910)
xwa153 Jun 30, 2023
0b1299c
Remove duplicate and unused newDecodeConfigEntry func (#17979)
cthain Jun 30, 2023
f096fc5
docs: samenessGroup YAML examples (#17984)
boruszak Jun 30, 2023
df85dd8
Add changelog entry for 1.16.0 (#17987)
nathancoleman Jun 30, 2023
dc6ea1b
Fix typo (#17198)
evanphx Jul 1, 2023
8039427
Expose JWKS cluster config through JWTProviderConfigEntry (#17978)
roncodingenthusiast Jul 4, 2023
4f0bdd3
Integration test for ext-authz Envoy extension (#17980)
cthain Jul 4, 2023
0094dbf
Fix incorrect protocol for transparent proxy upstreams. (#17894)
hashi-derek Jul 5, 2023
8af4ad1
feat: include nodes count in operator usage endpoint and cli command …
JadhavPoonam Jul 5, 2023
b94095d
[OSS] Improve Gateway Test Coverage of Catalog Health (#18011)
DanStough Jul 5, 2023
7f3446e
Fixes Traffic rate limitting docs (#17997)
Ranjandas Jul 5, 2023
2c2e628
Fix removed service-to-service peering links (#17221)
karras Jul 5, 2023
7ef807d
docs: Sameness "beta" warning (#18017)
boruszak Jul 5, 2023
548829a
updated typo in tab heading (#18022)
trujillo-adam Jul 5, 2023
7689a5e
Document that DNS lookups can target cluster peers (#17990)
jcjones Jul 5, 2023
ada3938
Add first integration test for jwt auth with intention (#18005)
roncodingenthusiast Jul 6, 2023
f7d399f
fix stand-in text for name field (#18030)
trujillo-adam Jul 6, 2023
820cdbb
removed sameness conf entry from failover nav (#18033)
trujillo-adam Jul 6, 2023
85f2ae0
docs - add service sync annotations and k8s service weight annotation…
Jul 6, 2023
b9a6a74
docs - add jobs use case for service mesh k8s (#18037)
Jul 7, 2023
b0a2e33
address feedback (#18045)
Jul 7, 2023
f4b0804
Add verify server hostname to tls default (#17155)
fulviodenza Jul 10, 2023
1b08626
[OSS] Fix initial_fetch_timeout to wait for all xDS resources (#18024)
DanStough Jul 10, 2023
7decc30
ui: fix typos for peer service imports (#17999)
krastin Jul 11, 2023
da79997
test: fix FIPS inline cert test message (#18076)
DanStough Jul 11, 2023
a30ba33
Fix a couple typos in Agent Telemetry Metrics docs (#18080)
Jul 11, 2023
bfb9212
docs updates - cluster peering and virtual services (#18069)
Jul 11, 2023
0e58c89
Update service-mesh-compare.mdx (#17279)
david3a Jul 11, 2023
bd5af7f
Update helm docs on main (#18085)
curtbushko Jul 11, 2023
3dc6f8f
ci: use gotestsum v1.10.1 [NET-4042] (#18088)
nfi-hashicorp Jul 12, 2023
51d8eb8
Docs: Update proxy lifecycle annotations and consul-dataplane flags (…
curtbushko Jul 12, 2023
f472164
Pass configured role name to Vault for AWS auth in Connect CA (#17885)
t-davies Jul 12, 2023
ebfed56
Docs for dataplane upgrade on k8s (#18051)
lkysow Jul 12, 2023
f51a9d2
docs - update upgrade index page to not recommend consul leave. (#18100)
jmurret Jul 12, 2023
2f20c77
Displays Consul version of each nodes in UI nodes section (#17754)
vijayraghav-io Jul 12, 2023
d1f5d9b
api gw 1.16 updates (#18081)
eddie-rowe Jul 12, 2023
3b3aa1f
[NET-4103] ci: build s390x (#18067)
loshz Jul 12, 2023
efe9816
:ermahgerd "Sevice Mesh" -> "Service Mesh" (#18116)
nv-hashi Jul 13, 2023
c328ba8
Split pbmesh.UpstreamsConfiguration as a resource out of pbmesh.Upstr…
ishustava Jul 13, 2023
a2c6953
[NET-4895] ci - api tests and consul container tests error because of…
jmurret Jul 13, 2023
68863b4
Add ingress gateway deprecation notices to docs (#18102)
Jeff-Apple Jul 13, 2023
2229206
Add docs for jwt cluster configuration (#18004)
roncodingenthusiast Jul 14, 2023
ad6364a
Docs: fix unmatched bracket for health checks page (#18134)
huikang Jul 14, 2023
5208ea9
NET-4657/add resource service client (#18053)
JadhavPoonam Jul 14, 2023
747a4c7
Fix bug with Vault CA provider (#18112)
Jul 14, 2023
5af7390
[NET-4897] net/http host header is now verified and request.host that…
jmurret Jul 14, 2023
691bc96
add a conditional around setting LANFilter.AllSegments to make sure i…
jmurret Jul 14, 2023
05b665e
chore: bump upgrade integrations tests to 1.15, 116 [NET-4743] (#18130)
nfi-hashicorp Jul 14, 2023
e719478
re org resource type registry (#18133)
xwa153 Jul 15, 2023
5930518
fix: update delegateMock used in ENT (#18149)
JadhavPoonam Jul 17, 2023
bcc6a9d
Use JWT-auth filter in metadata mode & Delegate validation to RBAC fi…
roncodingenthusiast Jul 17, 2023
f7c5ba5
Support Consul Connect Envoy Command on Windows (#17694)
absolutelightning Jul 17, 2023
e52ea0e
Change docs to say 168h instead of 7d for server_rejoin_age_max (#18154)
Jul 17, 2023
33d898b
[OSS] test: improve xDS listener code coverage (#18138)
DanStough Jul 17, 2023
03cf37e
Re-order expected/actual for assertContainerState in consul container…
roncodingenthusiast Jul 17, 2023
07fce86
group and document make file (#17943)
xwa153 Jul 17, 2023
6200536
Add `testing/deployer` (neé `consul-topology`) [NET-4610] (#17823)
nfi-hashicorp Jul 17, 2023
9214457
[NET-4792] Add integrations tests for jwt-auth (#18169)
roncodingenthusiast Jul 18, 2023
548a5ca
Add FIPS reference to consul enterprise docs (#18028)
im2nguyen Jul 18, 2023
cd3fc9e
add peering_commontopo tests [NET-3700] (#17951)
nfi-hashicorp Jul 18, 2023
2e326e2
docs - remove Sentinel from enterprise features list (#18176)
Jul 19, 2023
29cdb75
[NET-4865] Bump golang.org/x/net to 0.12.0 (#18186)
zalimeni Jul 19, 2023
003370d
Call resource mutate hook before validate hook (NET-4907) (#18178)
analogue Jul 19, 2023
e8dd04d
[NET-4865] security: Update Go version to 1.20.6 (#18190)
zalimeni Jul 19, 2023
18bc041
Improve XDS test coverage: JWT auth edition (#18183)
roncodingenthusiast Jul 19, 2023
271e5af
update readme.md (#18191)
NiniOak Jul 19, 2023
72999bb
Update submodules to latest following 1.16.0 (#18197)
zalimeni Jul 19, 2023
1ef5dfc
SEC-090: Automated trusted workflow pinning (2023-07-18) (#18174)
hashicorp-tsccr[bot] Jul 19, 2023
1c7fcdf
Fix Backport Assistant PR commenting (#18200)
zalimeni Jul 20, 2023
ada767f
resource: Pass resource to Write ACL hook instead of just resource Id…
analogue Jul 20, 2023
2c5a09b
Explicitly enable WebSocket upgrades (#18150)
blake Jul 20, 2023
5cd2876
docs: fix the description of client rpc (#18206)
huikang Jul 20, 2023
7e6ce76
NET-4804: Add dashboard for monitoring consul-k8s (#18208)
huikang Jul 20, 2023
2793761
[OSS] Improve xDS Code Coverage - Clusters (#18165)
DanStough Jul 20, 2023
c2066b9
NET-4222 take config file consul container (#18218)
huikang Jul 21, 2023
47d445d
Envoy Integration Test Windows (#18007)
absolutelightning Jul 21, 2023
926db9c
fix typos and update ecs compat table (#18215)
trujillo-adam Jul 21, 2023
c932d79
[OSS] proxystate: add proxystate protos (#18216)
ndhanushkodi Jul 21, 2023
7e01fcf
ci: don't verify s390x (#18224)
loshz Jul 21, 2023
6671d7e
[CC-5718] Remove HCP token requirement during bootstrap (#18140)
jjacobson93 Jul 21, 2023
c138f24
[NET-4122] Doc guidance for federation with externalServers (#18207)
zalimeni Jul 21, 2023
8e3a1dd
[OSS] Improve xDS Code Coverage - Endpoints and Misc (#18222)
DanStough Jul 21, 2023
7ce539e
Clarify license reporting timing and GDPR compliance (#18237)
judithpatudith Jul 21, 2023
2b0d64e
Fix Github Workflow File (#18241)
absolutelightning Jul 22, 2023
a11dba7
NET-4996 - filter go-tests and test-integration workflows from runnin…
jmurret Jul 23, 2023
8b46bac
Align build arch matrix with enterprise (#18235)
zalimeni Jul 24, 2023
639210e
Revert "NET-4996 - filter go-tests and test-integration workflows fro…
jmurret Jul 24, 2023
efb45fe
resource: Add scope to resource type registration [NET-4976] (#18214)
analogue Jul 24, 2023
b162c51
Fix some inconsistencies in jwt docs (#18234)
jm96441n Jul 24, 2023
b7cdd18
NET-1825: More new ACL token creation docs (#18063)
Jul 24, 2023
4d3f9a1
grafana: add the panel resource usage of connect injector (#18247)
huikang Jul 24, 2023
9a82df2
[NET-3700] Backfill changelog entry for c2bbe67 and 7402d06 (#18259)
zalimeni Jul 24, 2023
319a223
NET-4897 - update comment to include the current issue url from the g…
jmurret Jul 24, 2023
090e869
fix typos, style, and improper links (#18269)
trujillo-adam Jul 24, 2023
31d2813
member cli: add -filter expression to flags (#18223)
huikang Jul 25, 2023
9b540e2
go-tests: disable s390x (#18273)
loshz Jul 25, 2023
02cf177
docs: Update ext-authz documentation for kubernetes (#18281)
gautambaghel Jul 26, 2023
d147c3e
docs: Consul on Kubernetes specific upgrade info (#18230)
boruszak Jul 26, 2023
e37f702
Fix typo in Envoy extensions doc (#18284)
zalimeni Jul 26, 2023
e29ceab
docs: K8s secondary DC requirements (#18280)
boruszak Jul 26, 2023
5caa0ae
api-gateway: subscribe to bound-api-gateway only after receiving api-…
nathancoleman Jul 26, 2023
09b251f
Update K8s changelog to address cloud auto-join change in 1.0.0 (#18293)
Jul 26, 2023
cf4deeb
Update list of Envoy versions (#18300)
zalimeni Jul 26, 2023
cbfeb6c
[NET-4904] Update list of Envoy versions in docs (#18306)
zalimeni Jul 27, 2023
449e050
Update actions for TSCCR (#18317)
curtbushko Jul 28, 2023
6ada2e0
Fix topology view when displaying mixed connect-native/normal service…
apollo13 Jul 31, 2023
356b29b
Stop JWT provider from being written in non default namespace (#18325)
roncodingenthusiast Jul 31, 2023
18a5edd
docs: Fix some comments (#17118)
cuishuang Jul 31, 2023
b1b05f0
[NET-4703] Prevent partial application of Envoy extensions (#18068)
zalimeni Jul 31, 2023
3894940
docs: Simplify example jq commands by removing pipes (#18327)
blake Jul 31, 2023
bb6fc63
fix typo in create a mesh token docs (#18337)
roncodingenthusiast Aug 1, 2023
6424ef6
[CC-5719] Add support for builtin global-read-only policy (#18319)
jjacobson93 Aug 1, 2023
e459399
[NET-5121] proxystate: move protos to subdirectory to avoid conflicts…
ndhanushkodi Aug 1, 2023
13ce787
resource: adding various helpers for working with resources (#18342)
rboyer Aug 1, 2023
2a8bf5d
Wasm integration tests for local and remote wasm files (#17756)
johnlanda Aug 1, 2023
828567c
[HCP Telemetry] Periodic Refresh for Dynamic Telemetry Configuration …
Achooo Aug 1, 2023
67fc93e
NET-4240 - Snapshots are failing on Windows (#18302)
absolutelightning Aug 2, 2023
a33001f
Register ProxyStateTemplate Resource (#18316)
ishustava Aug 2, 2023
905e371
[NET-5146] security: Update Go version to 1.20.7 and `x/net` to 0.13.…
zalimeni Aug 2, 2023
9c227e2
mesh: adding the protobuf types and resources backing mesh config v2 …
rboyer Aug 3, 2023
284e3bd
[OSS] test: xds coverage for routes (#18369)
DanStough Aug 3, 2023
8e5e16d
Fix policy lookup to allow for slashes (#18347)
jjacobson93 Aug 3, 2023
89aac4b
add some initial CODEOWNERS (#18346)
rboyer Aug 3, 2023
0a48a24
Add redirects for mesh-gateway docs (#18377)
im2nguyen Aug 4, 2023
1f28ac2
expose grpc as http endpoint (#18221)
xwa153 Aug 4, 2023
1ebd001
bimapper: fix a bug and add some more test coverage (#18387)
rboyer Aug 4, 2023
38c356c
[docs] Fix ServiceDefaults example in distributed tracing (#17212)
ilpianista Aug 4, 2023
417ae9f
Fix #17730 - Dev mode has new line (#18367)
absolutelightning Aug 5, 2023
48effe5
chore: make go-mod-tidy (#18388)
rboyer Aug 7, 2023
63cc037
resource: Make resource read tenancy aware (#18397)
analogue Aug 7, 2023
96ce4da
Not using chmod - fixed integration test for Enterprise (#18401)
absolutelightning Aug 8, 2023
2096f23
replaced ordered list of rate limit ops with flow diagram (#18398)
trujillo-adam Aug 8, 2023
7902ae2
Upgrade test: remove outdated test and disable log due to verbosity (…
huikang Aug 8, 2023
43d8898
bump testcontainers-go from 0.22.0 and remove pinned go version in in…
huikang Aug 8, 2023
91d331b
Add ServiceEndpoints Mutation hook tests (#18404)
mkeeler Aug 8, 2023
bfc519f
catalog: add FailoverPolicy mutation and validation hooks (#18390)
rboyer Aug 8, 2023
e235c8b
NET-5115 Add retry + timeout filters for api-gateway (#18324)
sarahalsmiller Aug 8, 2023
42efc11
catalog: adding a controller to reconcile FailoverPolicy resources (#…
rboyer Aug 9, 2023
facd5b0
fix the error in ent repo (#18421)
xwa153 Aug 9, 2023
948ce8b
build: updates for 1.16.1 release (#18415)
DanStough Aug 9, 2023
bb1a288
update ECS links (#18419)
eddie-rowe Aug 9, 2023
10f69d8
docs: fix incorrect proxy-defaults config in Lua Envoy extension (#18…
nvanthao Aug 10, 2023
bee12c6
resource: Make resource write tenancy aware (#18423)
analogue Aug 10, 2023
05604ee
[NET-5217] [OSS] Derive sidecar proxy locality from parent service (#…
zalimeni Aug 10, 2023
6c8ca0f
NET-4984: Update APIGW Config Entries for JWT Auth (#18366)
jm96441n Aug 10, 2023
6981658
k8s compat - Openshift versions (#18307)
Aug 10, 2023
df11e4e
APIGW: Update HTTPRouteConfigEntry for JWT Auth (#18422)
jm96441n Aug 10, 2023
5fb9df1
[COMPLIANCE] License changes (#18443)
hashicorp-copywrite[bot] Aug 11, 2023
5717cbd
Net-2708/delete resource endpoint (#18420)
JadhavPoonam Aug 11, 2023
b4cdfbb
Disable deep-copy codegen verification for now. (#18446)
mkeeler Aug 11, 2023
66bcaa3
build: upgrade to latest buf v1.26.0 (#18426)
rboyer Aug 11, 2023
4a0afb5
NET-4952 Add docs for export command (#18425)
nathancoleman Aug 11, 2023
559c61e
Net-2712/resource hcl parsing (#18250)
JadhavPoonam Aug 11, 2023
cda884a
read endpoint (#18268)
xwa153 Aug 11, 2023
f88d4fe
Net-2707/list resource endpoint (#18444)
JadhavPoonam Aug 15, 2023
d565056
Fix incorrect yaml in examples (#18463)
lkysow Aug 15, 2023
0e94f48
NET-5187: Upgrade test timeout due to log producer errors (#18461)
NiniOak Aug 15, 2023
6b7ccd0
[NET-4799] [OSS] xdsv2: listeners L4 support for connect proxies (#18…
ndhanushkodi Aug 15, 2023
217107f
resource: Make resource list tenancy aware (#18475)
analogue Aug 15, 2023
adf8ddb
[COMPLIANCE] License update (#18479)
hashicorp-copywrite[bot] Aug 16, 2023
b8acd78
docs: specify manual server metadata intervention (#18477)
loshz Aug 16, 2023
5ca8cd6
docs: Update OpenShift compatibility (#18478)
Aug 16, 2023
e6c1c47
resource: Make resource delete tenancy aware (#18476)
analogue Aug 16, 2023
9e9800e
Add license-checker action that fails when any backported file contai…
nathancoleman Aug 16, 2023
aa21b12
docs: Update K8s TGW tutorial to reliably obtain role ID (#18474)
blake Aug 16, 2023
d488fc7
NET-5371 License checker pt2 (#18491)
nathancoleman Aug 16, 2023
ea7b419
README - Update KV use case to Dynamic App Configuration (#18301)
Aug 16, 2023
cbedbc0
README - re-order badges and update hub link (#18498)
Aug 17, 2023
61b7c0d
[NET-5163] Support locality testing in consul-container (#18484)
zalimeni Aug 17, 2023
b80c525
NET-4853 - xds v2 - implement base connect proxy functionality for cl…
jmurret Aug 17, 2023
c533a51
Fix HCL (#18513)
lkysow Aug 17, 2023
92cfb4a
NET-4932 - xds v2 - implement base connect proxy functionality for en…
jmurret Aug 17, 2023
97b41d9
Support custom watches on controller (#18439)
Aug 17, 2023
9ea182f
NET-4858 - xds v2 - implement base connect proxy functionality for ro…
jmurret Aug 17, 2023
cc596ce
bimapper: allow to untrack links and support reference or id (#18451)
ishustava Aug 18, 2023
0b580ff
bimapper: fix data race (#18519)
ishustava Aug 18, 2023
d3837e3
CI Split integration tests to run nightly and every PR (#18518)
huikang Aug 18, 2023
5af4bbb
Fix broken links caught in weekly report (#18522)
im2nguyen Aug 18, 2023
587663d
Create nightly test-integration for consul release branch (#18530)
huikang Aug 21, 2023
eab88bf
docs: Fix spelling errors across various pages on the site (#18533)
blake Aug 21, 2023
e5842cd
Make proto-public license MPL (#18531)
analogue Aug 21, 2023
217d305
NET-4943 - Implement ProxyTracker (#18535)
jmurret Aug 21, 2023
6d22179
resource: Make resource watchlist tenancy aware (#18539)
analogue Aug 21, 2023
547f4f8
Reduce required type arguments for DecodedResource (#18540)
mkeeler Aug 22, 2023
53e28a4
OSS -> CE (community edition) changes (#18517)
analogue Aug 22, 2023
c4b3234
CI: fix envoy versions in CI of release branch (#18538)
huikang Aug 22, 2023
570c84d
catalog: add failover mode enum validation (#18545)
rboyer Aug 22, 2023
55723c5
mesh: add validation for the new pbmesh resources (#18410)
rboyer Aug 22, 2023
0d60380
xds controller: resolve ServiceEndpoints references in ProxyStateTemp…
Aug 22, 2023
17667a1
mesh: adding type aliases for mesh resource usage (#18448)
rboyer Aug 22, 2023
4f9955d
Update trust bundle into proxy-state-template (#18550)
Aug 22, 2023
5b88aae
catalog: validating Protocol and Health enums on Service, Workload, a…
rboyer Aug 22, 2023
8a93124
chore: fix missing/incorrect license headers (#18555)
rboyer Aug 22, 2023
a1755d1
fix for , non presence of consul-version meta (#18464)
vijayraghav-io Aug 22, 2023
a1cd3f8
feat: add experiments flag to testserver sdk (#18541)
DanStough Aug 23, 2023
b37587b
bug: prevent go routine leakage due to existing DeferCheck (#18558)
huikang Aug 23, 2023
63fa78a
NET-5382 & PLAT-1159: Do not trigger workflow if only doc files are i…
NiniOak Aug 23, 2023
34eb700
UI: community verbiage (#18560)
natmegs Aug 23, 2023
2cc2c6b
Fix Windows FIPS Build (#18357)
absolutelightning Aug 24, 2023
82993fc
CE port of enterprise extension (#18572)
Aug 24, 2023
067a011
resource: Make resource listbyowner tenancy aware (#18566)
analogue Aug 24, 2023
59ab57f
NET-5147: Added placeholder structs for JWT functionality (#18575)
jm96441n Aug 24, 2023
2225bf0
resource: Make resource writestatus tenancy aware (#18577)
analogue Aug 24, 2023
051f250
NET-5338 - NET-5338 - Run a v2 mode xds server (#18579)
jmurret Aug 24, 2023
c8ef063
CI: send slack notification on failed nightly job (#18578)
huikang Aug 25, 2023
ecdcde4
CE commit (#18583)
Aug 25, 2023
2f58e05
Fix broken link on sameness group page (#18511)
im2nguyen Aug 28, 2023
0e17e98
Fix typo in permissive mTLS docs (#18551)
im2nguyen Aug 28, 2023
7bc30e9
Set concurrency for workflows (#18567)
curtbushko Aug 28, 2023
180c1e2
test: run automated tests against Vault 1.11 - 1.14 (#18590)
jkirschner-hashicorp Aug 28, 2023
48c8a83
Reduce the frequency of metric exports to minutely (#18584)
Aug 28, 2023
0e60650
NET-4944 - wire up controllers with proxy tracker (#18603)
jmurret Aug 29, 2023
797e42d
Watch the ProxyTracker from xDS controller (#18611)
Aug 29, 2023
f8812ed
Distinguish v2 catalog Protocol unset from default (#18612)
zalimeni Aug 29, 2023
a5ad366
fixes file name for consul
absolutelightning Aug 30, 2023
8b6f7b3
backport of commit a5ad3664038a3dd225b5c14b3adc181fb4dd61a6
absolutelightning Aug 30, 2023
bf63619
Merge a5ad3664038a3dd225b5c14b3adc181fb4dd61a6 into backport/NET-3181…
hc-github-team-consul-core Sep 1, 2023
081370d
backport of commit 24e7b9b9602b83dd67096a61b9305a37c6d77801
absolutelightning Aug 30, 2023
05a54c9
Net 3181 consul gh issue 15709 allow log file naming like nomad - fix…
absolutelightning Sep 1, 2023
6c9f14e
merge rel 1.14.
absolutelightning Sep 4, 2023
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
The table of contents is too big for display.
Diff view
Diff view
  •  
  •  
  •  
3 changes: 3 additions & 0 deletions .changelog/13782.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:feature
deps: update to latest go-discover to provide ECS auto-discover capabilities.
```
4 changes: 4 additions & 0 deletions .changelog/14340.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
```release-note:feature
connect: Add local_idle_timeout_ms to allow configuring the Envoy route idle timeout on local_app
connect: Add IdleTimeout to service-router to allow configuring the Envoy route idle timeout
```
6 changes: 3 additions & 3 deletions .changelog/14679.txt
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
```release-note:improvement
dns: **(Enterprise Only)** All enterprise locality labels are now optional in DNS lookups. For example, service lookups support the following format: <tag>.]<service>.service[.<namespace>.ns][.<partition>.ap][.<datacenter>.dc]<domain>`.
```
```release-note:improvement
dns: **(Enterprise Only)** All enterprise locality labels are now optional in DNS lookups. For example, service lookups support the following format: `[<tag>.]<service>.service[.<namespace>.ns][.<partition>.ap][.<datacenter>.dc]<domain>`.
```
1 change: 0 additions & 1 deletion .changelog/14930.txt

This file was deleted.

6 changes: 6 additions & 0 deletions .changelog/15050.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
```release-note:feature
cli: Add `-consul-dns-port` flag to the `consul connect redirect-traffic` command to allow forwarding DNS traffic to a specific Consul DNS port.
```
```release-note:feature
sdk: Configure `iptables` to forward DNS traffic to a specific DNS port.
```
3 changes: 3 additions & 0 deletions .changelog/15083.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
connect: fixed bug where endpoint updates for new xDS clusters could block for 15s before being sent to Envoy.
```
3 changes: 3 additions & 0 deletions .changelog/15090.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:note
deps: Upgrade to use Go 1.19.2
```
6 changes: 6 additions & 0 deletions .changelog/15093.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
```release-note: improvement
connect: Add Envoy 1.24.0 to support matrix
```
```release-note: breaking-change
connect: Removes support for Envoy 1.20
```
3 changes: 3 additions & 0 deletions .changelog/15108.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
peering: when wan address is set, peering stream should use the wan address.
```
3 changes: 3 additions & 0 deletions .changelog/15155.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
debug: fixed bug that caused consul debug CLI to error on ACL-disabled clusters
```
3 changes: 3 additions & 0 deletions .changelog/15160.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
peering: fix nil pointer in calling handleUpdateService
```
3 changes: 3 additions & 0 deletions .changelog/15178.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
peering: Fix a bug that resulted in /v1/agent/metrics returning an error.
```
3 changes: 3 additions & 0 deletions .changelog/15186.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
connect: Fix issue where mesh-gateway settings were not properly inherited from configuration entries.
```
3 changes: 3 additions & 0 deletions .changelog/15233.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note: improvement
integ test: fix flakiness due to test condition from retry app endoint
```
3 changes: 3 additions & 0 deletions .changelog/15253.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
connect: Fixed issue where using Vault 1.11+ as CA provider would eventually break Intermediate CAs [[GH-15217](https://github.com/hashicorp/consul/issues/15217)]
```
3 changes: 3 additions & 0 deletions .changelog/15272.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
proxycfg(mesh-gateway): Fix issue where deregistered services are not removed from mesh-gateway clusters.
```
7 changes: 7 additions & 0 deletions .changelog/15302.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
```release-note:breaking-change
config: update 1.14 config defaults: Enable `peering` and `connect` by default.
```

```release-note:breaking-change
config: update 1.14 config defaults: Set gRPC TLS port default value to 8503
```
3 changes: 3 additions & 0 deletions .changelog/15317.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:improvements
acl: Allow reading imported services and nodes from cluster peers with read all permissions
```
3 changes: 3 additions & 0 deletions .changelog/15320.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
connect: strip port from DNS SANs for ingress gateway leaf certificate to avoid an invalid hostname error when using the Vault provider.
```
2 changes: 1 addition & 1 deletion .changelog/14294.txt → .changelog/15339.txt
Original file line number Diff line number Diff line change
Expand Up @@ -2,5 +2,5 @@
config: Add new `ports.grpc_tls` configuration option.
Introduce a new port to better separate TLS config from the existing `ports.grpc` config.
The new `ports.grpc_tls` only supports TLS encrypted communication.
The existing `ports.grpc` currently supports both plain-text and tls communication, but tls support will be removed in a future release.
The existing `ports.grpc` now only supports plain-text communication.
```
3 changes: 3 additions & 0 deletions .changelog/15346.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:enhancement
acl: relax permissions on the `WatchServers`, `WatchRoots` and `GetSupportedDataplaneFeatures` gRPC endpoints to accept *any* valid ACL token
```
3 changes: 3 additions & 0 deletions .changelog/15356.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:security
Ensure that data imported from peers is filtered by ACLs at the UI Nodes/Services endpoints [CVE-2022-3920](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3920)
```
3 changes: 3 additions & 0 deletions .changelog/15370.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:improvement
auto-config: Relax the validation on auto-config JWT authorization to allow non-whitespace, non-quote characters in node names.
```
3 changes: 3 additions & 0 deletions .changelog/15423.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
sdk: Fix SDK testutil backwards compatibility by only configuring grpc_tls port for new Consul versions.
```
3 changes: 3 additions & 0 deletions .changelog/15466.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
cli: Fix issue where `consul connect envoy` incorrectly uses the HTTPS API configuration for xDS connections.
```
3 changes: 3 additions & 0 deletions .changelog/15503.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
peering: fix the limit of replication gRPC message; set to 8MB
```
3 changes: 3 additions & 0 deletions .changelog/15525.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
ca: Fixed issue where using Vault as Connect CA with Vault-managed policies would error on start-up if the intermediate PKI mount existed but was empty
```
3 changes: 3 additions & 0 deletions .changelog/15541.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
agent: Fixed issue where blocking queries with short waits could timeout on the client
```
3 changes: 3 additions & 0 deletions .changelog/15555.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:feature
ui: Add field for fallback server addresses to peer token generation form
```
3 changes: 3 additions & 0 deletions .changelog/15596.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:improvement
dns: Add support for cluster peering `.service` and `.node` DNS queries.
```
3 changes: 3 additions & 0 deletions .changelog/15610.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
acl: avoid debug log spam in secondary datacenter servers due to management token not being initialized.
```
3 changes: 3 additions & 0 deletions .changelog/15615.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
peering: better represent non-passing states during peer check flattening
```
3 changes: 3 additions & 0 deletions .changelog/15659.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:improvement
connect: Add support for ConsulResolver to specifies a filter expression
```
3 changes: 3 additions & 0 deletions .changelog/15661.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
connect: Fixed issue where using Vault 1.11+ as CA provider in a secondary datacenter would eventually break Intermediate CAs
```
3 changes: 3 additions & 0 deletions .changelog/15669.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:improvement
connect: ensure all vault connect CA tests use limited privilege tokens
```
3 changes: 3 additions & 0 deletions .changelog/15690.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
connect: Fix peering failovers ignoring local mesh gateway configuration.
```
3 changes: 3 additions & 0 deletions .changelog/15697.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:breaking-change
peering: Newly created peering connections must use only lowercase characters in the `name` field. Existing peerings with uppercase characters will not be modified, but they may encounter issues in various circumstances. To maintain forward compatibility and avoid issues, it is recommended to destroy and re-create any invalid peering connections so that they do not have a name containing uppercase characters.
```
3 changes: 3 additions & 0 deletions .changelog/15701.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:improvement
grpc: Use new balancer implementation to reduce periodic WARN logs when shuffling servers.
```
3 changes: 3 additions & 0 deletions .changelog/15705.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:security
Upgrade to use Go 1.19.4. This resolves a vulnerability where restricted files can be read on Windows. [CVE-2022-41720](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41720)
```
4 changes: 4 additions & 0 deletions .changelog/15737.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
```release-note:security
Upgrades `golang.org/x/net` to prevent a denial of service by excessive memory usage caused by HTTP2 requests. [CVE-2022-41717](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717)
```

3 changes: 3 additions & 0 deletions .changelog/15760.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
connect: Fix issue where DialedDirectly configuration was not used by Consul Dataplane.
```
3 changes: 3 additions & 0 deletions .changelog/15769.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
agent: Fix assignment of error when auto-reloading cert and key file changes.
```
3 changes: 3 additions & 0 deletions .changelog/15789.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
xds: fix bug where sessions for locally-managed services could fail with "this server has too many xDS streams open"
```
3 changes: 3 additions & 0 deletions .changelog/15833.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
connect: Fix issue where service-resolver protocol checks incorrectly errored for failover peer targets.
```
3 changes: 3 additions & 0 deletions .changelog/15865.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
connect: Fix issue where watches on upstream failover peer targets did not always query the correct data.
```
3 changes: 3 additions & 0 deletions .changelog/15866.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
agent: Fix issue where the agent cache would incorrectly mark protobuf objects as updated.
```
3 changes: 3 additions & 0 deletions .changelog/15913.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
cli: Fix issue where `consul connect envoy` was unable to configure TLS over unix-sockets to gRPC.
```
3 changes: 3 additions & 0 deletions .changelog/15979.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:improvement
envoy: add `MaxEjectionPercent` and `BaseEjectionTime` to passive health check configs.
```
3 changes: 3 additions & 0 deletions .changelog/15988.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:improvements
cli: Added a flag, `-enable-config-gen-logging`, to the `connect envoy` command to display log messages when generating the bootstrap config.
```
3 changes: 3 additions & 0 deletions .changelog/16000.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:breaking-change
connect: Fix configuration merging for transparent proxy upstreams. Proxy-defaults and service-defaults config entries were not correctly merged for implicit upstreams in transparent proxy mode and would result in some configuration not being applied. To avoid issues when upgrading, ensure that any proxy-defaults or service-defaults have correct configuration for upstreams, since all fields will now be properly used to configure proxies.
```
3 changes: 3 additions & 0 deletions .changelog/16015.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:feature
connect: add flags `envoy-ready-bind-port` and `envoy-ready-bind-address` to the `consul connect envoy` command that allows configuration of readiness probe on proxy for any service kind.
```
4 changes: 4 additions & 0 deletions .changelog/16024.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
```release-note:improvement
partitiion: **(Consul Enterprise only)** when loading service from on-disk config file or sending API request to agent endpoint,
if the partition is unspecified, consul will default the partition in the request to agent's partition
```
3 changes: 3 additions & 0 deletions .changelog/16230.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
peering: Fix issue where secondary wan-federated datacenters could not be used as peering acceptors.
```
3 changes: 3 additions & 0 deletions .changelog/16257.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
peering: Fix issue where mesh gateways would use the wrong address when contacting a remote peer with the same datacenter name.
```
4 changes: 4 additions & 0 deletions .changelog/16263.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
```release-note:security
Upgrade to use Go 1.20.1.
This resolves vulnerabilities [CVE-2022-41724](https://go.dev/issue/58001) in `crypto/tls` and [CVE-2022-41723](https://go.dev/issue/57855) in `net/http`.
```
3 changes: 3 additions & 0 deletions .changelog/16339.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
peering: Fix bug where services were incorrectly imported as connect-enabled.
```
3 changes: 3 additions & 0 deletions .changelog/16358.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:improvement
container: Upgrade container image to use to Alpine 3.17.
```
3 changes: 3 additions & 0 deletions .changelog/16495.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:improvement
mesh: Add ServiceResolver RequestTimeout for route timeouts to make request timeouts configurable
```
3 changes: 3 additions & 0 deletions .changelog/16497.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
proxycfg: ensure that an irrecoverable error in proxycfg closes the xds session and triggers a replacement proxycfg watcher
```
3 changes: 3 additions & 0 deletions .changelog/16498.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
proxycfg: fix a bug where terminating gateways were not cleaning up deleted service resolvers for their referenced services
```
3 changes: 3 additions & 0 deletions .changelog/16499.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
mesh: Fix resolution of service resolvers with subsets for external upstreams
```
3 changes: 3 additions & 0 deletions .changelog/16552.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:improvement
raft: Remove expensive reflection from raft/mesh hot path
```
3 changes: 3 additions & 0 deletions .changelog/16570.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
peering: Fixes a bug that can lead to peering service deletes impacting the state of local services
```
3 changes: 3 additions & 0 deletions .changelog/16592.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
ca: Fixes a bug where updating Vault CA Provider config would cause TLS issues in the service mesh
```
3 changes: 3 additions & 0 deletions .changelog/16660.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
ui: fix PUT token request with adding missed AccessorID property to requestBody
```
3 changes: 3 additions & 0 deletions .changelog/16693.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
peering: Fixes a bug where the importing partition was not added to peered failover targets, which causes issues when the importing partition is a non-default partition.
```
3 changes: 3 additions & 0 deletions .changelog/16700.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
audit-logging: (Enterprise only) Fix a bug where `/agent/monitor` and `/agent/metrics` endpoints return a `Streaming not supported` error when audit logs are enabled. This also fixes the delay receiving logs when running `consul monitor` against an agent with audit logs enabled.
```
3 changes: 3 additions & 0 deletions .changelog/16729.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
peering: Fix issue resulting in prepared query failover to cluster peers never un-failing over.
```
3 changes: 3 additions & 0 deletions .changelog/16776.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:improvement
peering: allow re-establishing terminated peering from new token without deleting existing peering first.
```
3 changes: 3 additions & 0 deletions .changelog/16845.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:improvement
systemd: set service type to notify.
```
3 changes: 3 additions & 0 deletions .changelog/16888.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:improvement
connect: update supported envoy versions to 1.21.6, 1.22.11, 1.23.8, 1.24.6
```
3 changes: 3 additions & 0 deletions .changelog/16916.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:improvement
hcp: Add support for linking existing Consul clusters to HCP management plane.
```
3 changes: 3 additions & 0 deletions .changelog/17048.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
Fix an bug where decoding some Config structs with unset pointer fields could fail with `reflect: call of reflect.Value.Type on zero Value`.
```
3 changes: 3 additions & 0 deletions .changelog/17160.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
Fix a bug that wrongly trims domains when there is an overlap with DC name.
```
3 changes: 3 additions & 0 deletions .changelog/17185.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
xds: Fix possible panic that can when generating clusters before the root certificates have been fetched.
```
3 changes: 3 additions & 0 deletions .changelog/17235.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
peering: Fix issue where peer streams could incorrectly deregister services in various scenarios.
```
3 changes: 3 additions & 0 deletions .changelog/17236.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:improvement
logging: change snapshot log header from `agent.server.snapshot` to `agent.server.raft.snapshot`
```
12 changes: 12 additions & 0 deletions .changelog/17240.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
```release-note:security
Upgrade to use Go 1.20.4.
This resolves vulnerabilities [CVE-2023-24537](https://github.com/advisories/GHSA-9f7g-gqwh-jpf5)(`go/scanner`),
[CVE-2023-24538](https://github.com/advisories/GHSA-v4m2-x4rp-hv22)(`html/template`),
[CVE-2023-24534](https://github.com/advisories/GHSA-8v5j-pwr7-w5f8)(`net/textproto`) and
[CVE-2023-24536](https://github.com/advisories/GHSA-9f7g-gqwh-jpf5)(`mime/multipart`).
Also, `golang.org/x/net` has been updated to v0.7.0 to resolve CVEs [CVE-2022-41721
](https://github.com/advisories/GHSA-fxg5-wq6x-vr4w
), [CVE-2022-27664](https://github.com/advisories/GHSA-69cg-p879-7622) and [CVE-2022-41723
](https://github.com/advisories/GHSA-vvpx-j8f3-3w6h
.)
```
3 changes: 3 additions & 0 deletions .changelog/17241.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
connect: Fix multiple inefficient behaviors when querying service health.
```
3 changes: 3 additions & 0 deletions .changelog/17270.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
grpc: ensure grpc resolver correctly uses lan/wan addresses on servers
```
3 changes: 3 additions & 0 deletions .changelog/17317.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
connect: fix a bug with Envoy potentially starting with incomplete configuration by not waiting enough for initial xDS configuration.
```
5 changes: 5 additions & 0 deletions .changelog/17426.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
```release-note:improvement
peering: gRPC queries for TrustBundleList, TrustBundleRead, PeeringList, and PeeringRead now support blocking semantics,
reducing network and CPU demand.
The HTTP APIs for Peering List and Read have been updated to support blocking.
```
3 changes: 3 additions & 0 deletions .changelog/17456.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
peering: Fix issue where modifying the list of exported services did not correctly replicate changes for services that exist in a non-default namespace.
```
3 changes: 3 additions & 0 deletions .changelog/17483.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
peering: Fix a bug that caused server agents to continue cleaning up peering resources even after loss of leadership.
```
3 changes: 3 additions & 0 deletions .changelog/17513.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:security
Update to UBI base image to 9.2.
```
3 changes: 3 additions & 0 deletions .changelog/17541.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
connect: reverts #17317 fix that caused a downstream error for Ingress/Mesh/Terminating GWs when their respective config entry does not already exist.
```
3 changes: 3 additions & 0 deletions .changelog/17547.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:improvement
connect: update supported envoy versions to 1.21.6, 1.22.11, 1.23.9, 1.24.7
```
Loading